From 2d59d1fce71ac04c317a9ed747655191de3b59c3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 20 Jun 2024 11:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/47xxx/CVE-2021-47617.json | 146 ++++++++++++++++++++++++++++++++- 2021/47xxx/CVE-2021-47618.json | 103 ++++++++++++++++++++++- 2024/28xxx/CVE-2024-28147.json | 90 ++++++++++++++++++-- 2024/38xxx/CVE-2024-38857.json | 18 ++++ 2024/38xxx/CVE-2024-38858.json | 18 ++++ 2024/38xxx/CVE-2024-38859.json | 18 ++++ 2024/38xxx/CVE-2024-38860.json | 18 ++++ 2024/38xxx/CVE-2024-38861.json | 18 ++++ 2024/38xxx/CVE-2024-38862.json | 18 ++++ 2024/38xxx/CVE-2024-38863.json | 18 ++++ 2024/38xxx/CVE-2024-38864.json | 18 ++++ 2024/38xxx/CVE-2024-38865.json | 18 ++++ 2024/38xxx/CVE-2024-38866.json | 18 ++++ 2024/5xxx/CVE-2024-5886.json | 8 +- 14 files changed, 510 insertions(+), 17 deletions(-) create mode 100644 2024/38xxx/CVE-2024-38857.json create mode 100644 2024/38xxx/CVE-2024-38858.json create mode 100644 2024/38xxx/CVE-2024-38859.json create mode 100644 2024/38xxx/CVE-2024-38860.json create mode 100644 2024/38xxx/CVE-2024-38861.json create mode 100644 2024/38xxx/CVE-2024-38862.json create mode 100644 2024/38xxx/CVE-2024-38863.json create mode 100644 2024/38xxx/CVE-2024-38864.json create mode 100644 2024/38xxx/CVE-2024-38865.json create mode 100644 2024/38xxx/CVE-2024-38866.json diff --git a/2021/47xxx/CVE-2021-47617.json b/2021/47xxx/CVE-2021-47617.json index 991a4538b02..dbc8de0233b 100644 --- a/2021/47xxx/CVE-2021-47617.json +++ b/2021/47xxx/CVE-2021-47617.json @@ -1,18 +1,156 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-47617", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Fix infinite loop in IRQ handler upon power fault\n\nThe Power Fault Detected bit in the Slot Status register differs from\nall other hotplug events in that it is sticky: It can only be cleared\nafter turning off slot power. Per PCIe r5.0, sec. 6.7.1.8:\n\n If a power controller detects a main power fault on the hot-plug slot,\n it must automatically set its internal main power fault latch [...].\n The main power fault latch is cleared when software turns off power to\n the hot-plug slot.\n\nThe stickiness used to cause interrupt storms and infinite loops which\nwere fixed in 2009 by commits 5651c48cfafe (\"PCI pciehp: fix power fault\ninterrupt storm problem\") and 99f0169c17f3 (\"PCI: pciehp: enable\nsoftware notification on empty slots\").\n\nUnfortunately in 2020 the infinite loop issue was inadvertently\nreintroduced by commit 8edf5332c393 (\"PCI: pciehp: Fix MSI interrupt\nrace\"): The hardirq handler pciehp_isr() clears the PFD bit until\npciehp's power_fault_detected flag is set. That happens in the IRQ\nthread pciehp_ist(), which never learns of the event because the hardirq\nhandler is stuck in an infinite loop. Fix by setting the\npower_fault_detected flag already in the hardirq handler." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "a8cc52270f3d", + "version_value": "ff27f7d0333c" + }, + { + "version_affected": "<", + "version_name": "4667358dab9c", + "version_value": "464da38ba827" + }, + { + "version_affected": "<", + "version_name": "8edf5332c393", + "version_value": "3b4c966fb156" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "5.7", + "status": "affected" + }, + { + "version": "0", + "lessThan": "5.7", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.233", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.177", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.97", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.20", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.16.6", + "lessThanOrEqual": "5.16.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.17", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/ff27f7d0333cff89ec85c419f431aca1b38fb16a", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/ff27f7d0333cff89ec85c419f431aca1b38fb16a" + }, + { + "url": "https://git.kernel.org/stable/c/464da38ba827f670deac6500a1de9a4f0f44c41d", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/464da38ba827f670deac6500a1de9a4f0f44c41d" + }, + { + "url": "https://git.kernel.org/stable/c/3b4c966fb156ff3e70b2526d964952ff7c1574d9", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/3b4c966fb156ff3e70b2526d964952ff7c1574d9" + }, + { + "url": "https://git.kernel.org/stable/c/1db58c6584a72102e98af2e600ea184ddaf2b8af", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/1db58c6584a72102e98af2e600ea184ddaf2b8af" + }, + { + "url": "https://git.kernel.org/stable/c/6d6f1f0dac3e3441ecdb1103d4efb11b9ed24dd5", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/6d6f1f0dac3e3441ecdb1103d4efb11b9ed24dd5" + }, + { + "url": "https://git.kernel.org/stable/c/23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12" + } + ] + }, + "generator": { + "engine": "bippy-7d53e8ef8be4" } } \ No newline at end of file diff --git a/2021/47xxx/CVE-2021-47618.json b/2021/47xxx/CVE-2021-47618.json index f396adfb898..375840c2333 100644 --- a/2021/47xxx/CVE-2021-47618.json +++ b/2021/47xxx/CVE-2021-47618.json @@ -1,18 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-47618", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9170/1: fix panic when kasan and kprobe are enabled\n\narm32 uses software to simulate the instruction replaced\nby kprobe. some instructions may be simulated by constructing\nassembly functions. therefore, before executing instruction\nsimulation, it is necessary to construct assembly function\nexecution environment in C language through binding registers.\nafter kasan is enabled, the register binding relationship will\nbe destroyed, resulting in instruction simulation errors and\ncausing kernel panic.\n\nthe kprobe emulate instruction function is distributed in three\nfiles: actions-common.c actions-arm.c actions-thumb.c, so disable\nKASAN when compiling these files.\n\nfor example, use kprobe insert on cap_capable+20 after kasan\nenabled, the cap_capable assembly code is as follows:\n:\ne92d47f0\tpush\t{r4, r5, r6, r7, r8, r9, sl, lr}\ne1a05000\tmov\tr5, r0\ne280006c\tadd\tr0, r0, #108 ; 0x6c\ne1a04001\tmov\tr4, r1\ne1a06002\tmov\tr6, r2\ne59fa090\tldr\tsl, [pc, #144] ;\nebfc7bf8\tbl\tc03aa4b4 <__asan_load4>\ne595706c\tldr\tr7, [r5, #108] ; 0x6c\ne2859014\tadd\tr9, r5, #20\n......\nThe emulate_ldr assembly code after enabling kasan is as follows:\nc06f1384 :\ne92d47f0\tpush\t{r4, r5, r6, r7, r8, r9, sl, lr}\ne282803c\tadd\tr8, r2, #60 ; 0x3c\ne1a05000\tmov\tr5, r0\ne7e37855\tubfx\tr7, r5, #16, #4\ne1a00008\tmov\tr0, r8\ne1a09001\tmov\tr9, r1\ne1a04002\tmov\tr4, r2\nebf35462\tbl\tc03c6530 <__asan_load4>\ne357000f\tcmp\tr7, #15\ne7e36655\tubfx\tr6, r5, #12, #4\ne205a00f\tand\tsl, r5, #15\n0a000001\tbeq\tc06f13bc \ne0840107\tadd\tr0, r4, r7, lsl #2\nebf3545c\tbl\tc03c6530 <__asan_load4>\ne084010a\tadd\tr0, r4, sl, lsl #2\nebf3545a\tbl\tc03c6530 <__asan_load4>\ne2890010\tadd\tr0, r9, #16\nebf35458\tbl\tc03c6530 <__asan_load4>\ne5990010\tldr\tr0, [r9, #16]\ne12fff30\tblx\tr0\ne356000f\tcm\tr6, #15\n1a000014\tbne\tc06f1430 \ne1a06000\tmov\tr6, r0\ne2840040\tadd\tr0, r4, #64 ; 0x40\n......\n\nwhen running in emulate_ldr to simulate the ldr instruction, panic\noccurred, and the log is as follows:\nUnable to handle kernel NULL pointer dereference at virtual address\n00000090\npgd = ecb46400\n[00000090] *pgd=2e0fa003, *pmd=00000000\nInternal error: Oops: 206 [#1] SMP ARM\nPC is at cap_capable+0x14/0xb0\nLR is at emulate_ldr+0x50/0xc0\npsr: 600d0293 sp : ecd63af8 ip : 00000004 fp : c0a7c30c\nr10: 00000000 r9 : c30897f4 r8 : ecd63cd4\nr7 : 0000000f r6 : 0000000a r5 : e59fa090 r4 : ecd63c98\nr3 : c06ae294 r2 : 00000000 r1 : b7611300 r0 : bf4ec008\nFlags: nZCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user\nControl: 32c5387d Table: 2d546400 DAC: 55555555\nProcess bash (pid: 1643, stack limit = 0xecd60190)\n(cap_capable) from (kprobe_handler+0x218/0x340)\n(kprobe_handler) from (kprobe_trap_handler+0x24/0x48)\n(kprobe_trap_handler) from (do_undefinstr+0x13c/0x364)\n(do_undefinstr) from (__und_svc_finish+0x0/0x30)\n(__und_svc_finish) from (cap_capable+0x18/0xb0)\n(cap_capable) from (cap_vm_enough_memory+0x38/0x48)\n(cap_vm_enough_memory) from\n(security_vm_enough_memory_mm+0x48/0x6c)\n(security_vm_enough_memory_mm) from\n(copy_process.constprop.5+0x16b4/0x25c8)\n(copy_process.constprop.5) from (_do_fork+0xe8/0x55c)\n(_do_fork) from (SyS_clone+0x1c/0x24)\n(SyS_clone) from (__sys_trace_return+0x0/0x10)\nCode: 0050a0e1 6c0080e2 0140a0e1 0260a0e1 (f801f0e7)" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "35aa1df43283", + "version_value": "1515e72aae80" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "2.6.25", + "status": "affected" + }, + { + "version": "0", + "lessThan": "2.6.25", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.19", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.16.5", + "lessThanOrEqual": "5.16.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.17", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/1515e72aae803fc6b466adf918e71c4e4c9d5b3d", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/1515e72aae803fc6b466adf918e71c4e4c9d5b3d" + }, + { + "url": "https://git.kernel.org/stable/c/ba1863be105b06e10d0e2f6b1b8a0570801cfc71", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/ba1863be105b06e10d0e2f6b1b8a0570801cfc71" + }, + { + "url": "https://git.kernel.org/stable/c/8b59b0a53c840921b625378f137e88adfa87647e", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/8b59b0a53c840921b625378f137e88adfa87647e" + } + ] + }, + "generator": { + "engine": "bippy-7d53e8ef8be4" } } \ No newline at end of file diff --git a/2024/28xxx/CVE-2024-28147.json b/2024/28xxx/CVE-2024-28147.json index c25ea447dfe..f1451a5c272 100644 --- a/2024/28xxx/CVE-2024-28147.json +++ b/2024/28xxx/CVE-2024-28147.json @@ -1,18 +1,98 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-28147", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-research@sec-consult.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An authenticated user can upload arbitrary files in the upload \nfunction for collection preview images. An attacker may upload an HTML \nfile that includes malicious JavaScript code which will be executed if a\n user visits the direct URL of the collection preview image (Stored \nCross Site Scripting). It is also possible to upload SVG files that \ninclude nested XML entities. Those are parsed when a user visits the \ndirect URL of the collection preview image, which may be utilized for a \nDenial of Service attack.\n\nThis issue affects edu-sharing: <8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "cweId": "CWE-434" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "metaVentis GmbH", + "product": { + "product_data": [ + { + "product_name": "edu-sharing", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "version": "<8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19", + "versionType": "custom" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://r.sec-consult.com/metaventis", + "refsource": "MISC", + "name": "https://r.sec-consult.com/metaventis" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "

The repository base version in use can be identified in the Admin-Tools. The vendor provides a patch for the affected versions:

  • Version 8.0: Update repository version to \"8.0.8-RC2\" or later
  • Version 8.1: Update repository version to \"8.1.4-RC0\" or later
  • Version 9.0: Update repository version to \"9.0.0-RC19\" or later

" + } + ], + "value": "The repository base version in use can be identified in the Admin-Tools. The vendor provides a patch for the affected versions:\n\n * Version 8.0: Update repository version to \"8.0.8-RC2\" or later\n * Version 8.1: Update repository version to \"8.1.4-RC0\" or later\n * Version 9.0: Update repository version to \"9.0.0-RC19\" or later" + } + ], + "credits": [ + { + "lang": "en", + "value": "Kai Zimmermann, SEC Consult Vulnerability Lab" + } + ] } \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38857.json b/2024/38xxx/CVE-2024-38857.json new file mode 100644 index 00000000000..f513a209aad --- /dev/null +++ b/2024/38xxx/CVE-2024-38857.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38857", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38858.json b/2024/38xxx/CVE-2024-38858.json new file mode 100644 index 00000000000..c26a752db3d --- /dev/null +++ b/2024/38xxx/CVE-2024-38858.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38858", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38859.json b/2024/38xxx/CVE-2024-38859.json new file mode 100644 index 00000000000..259764e8d5a --- /dev/null +++ b/2024/38xxx/CVE-2024-38859.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38859", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38860.json b/2024/38xxx/CVE-2024-38860.json new file mode 100644 index 00000000000..aa747b2dd1b --- /dev/null +++ b/2024/38xxx/CVE-2024-38860.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38860", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38861.json b/2024/38xxx/CVE-2024-38861.json new file mode 100644 index 00000000000..8ef7a464965 --- /dev/null +++ b/2024/38xxx/CVE-2024-38861.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38861", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38862.json b/2024/38xxx/CVE-2024-38862.json new file mode 100644 index 00000000000..d1e125c5ea4 --- /dev/null +++ b/2024/38xxx/CVE-2024-38862.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38862", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38863.json b/2024/38xxx/CVE-2024-38863.json new file mode 100644 index 00000000000..536f1fd48a5 --- /dev/null +++ b/2024/38xxx/CVE-2024-38863.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38863", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38864.json b/2024/38xxx/CVE-2024-38864.json new file mode 100644 index 00000000000..e88e50616eb --- /dev/null +++ b/2024/38xxx/CVE-2024-38864.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38864", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38865.json b/2024/38xxx/CVE-2024-38865.json new file mode 100644 index 00000000000..2c5af92d6ec --- /dev/null +++ b/2024/38xxx/CVE-2024-38865.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38865", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/38xxx/CVE-2024-38866.json b/2024/38xxx/CVE-2024-38866.json new file mode 100644 index 00000000000..5ad75e9258c --- /dev/null +++ b/2024/38xxx/CVE-2024-38866.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-38866", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5886.json b/2024/5xxx/CVE-2024-5886.json index 4661afc3b7c..01866878b39 100644 --- a/2024/5xxx/CVE-2024-5886.json +++ b/2024/5xxx/CVE-2024-5886.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5886", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@huntr.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] }